NEWS

Gentoo Linux Hacked and placed with File-Wiping Malware In Place

By VARINDIA - 2018-07-01

A million dollar question comes on, where the software developers would store their private code and is my private code safe on a private repository on GitHub? Github privacy statement says, Thanks for entrusting GitHub with your source code, your projects, and your personal information. Holding onto your private information is a serious responsibility, and we want you to know how we're handling it.

It further says, we only collect the information you choose to give us, and we process it with your consent, or on another legal basis; we only require the minimum amount of personal information that is necessary to fulfill the purpose of your interaction with us; we don't sell it to third parties; and we only use it as this Privacy Statement describes. So the question comes how, a unknown hacker has temporarily taken control over the GitHub account of the Gentoo Linux organization and embedded malicious code inside the operating system's distributions that would delete user files.

Most of companies from start-up to tech giants like Microsoft uses the cloud-based service to work on code collaboratively. GitHub has more than 27 million software developers working on more than 85 million repositories of code and 27 million fresh users for Microsoft’s mega cloud. GitHub is one of the most essential tools used by software developers today. After the deal closes (Microsoft acquiring Github, in an all-stock deal worth $7.5 billion) in this year, Microsoft would be rolling up a crucial part of the ecosystem. Probably, hackers got interested in a strong believe that he can demand a good amount.

Thankfully, the malicious code fails to trigger properly and users' files remain safe, but the Gentoo team says it regained control over their account. The report says, certain Github accounts affected but not its core infrastructure and associated files, hosted on different servers.

A Gentoo spokesperson said. "Since the master Gentoo ebuild repository is hosted on its own official portal and Github is just a mirror for it , you are fine as long as you are using rsync or webrsync from gentoo.org. On the Gentoo mailing list, Gentoo dev Francisco Blas Izquierdo Riera says the hacker "has among other things replaced the portage and musl-dev trees with malicious versions of the ebuilds.

Lastly, to take the precautionary measure, developers or users who downloaded Gentoo Linux images from the GitHub instead of its official website, are advised to restore the OS, content or reinstall it from scratch.


Related Articles

Security is running across the core fabrics of Cisco	Cisco helps India's banking & financial services sector to transform Digitally	NSE selects CISCO for enhanced customer service, analytics and cybersecurity

HDFC Bank and Cisco Jointly Working towards Enhanced Customer Experience	Cisco identifies 20 billion cyber threats a day	Cisco and NetApp announce FlexPod solutions